The actual code used to exploit a certain class of SQL vulnerabilities, as used by an automated search tool that hunts for websites with those vulnerabilities, has been spotted at SANS. The code plants JavaScript files carrying exploits on the compromised sites, which then infect anyone who browses by. There is even a call to a script called pay.asp, so this automated tool probably makes a lot of money for someone. Follow the link at [H]ard|OCP for the full story and links to the patches your web server should already have.

“The SANS Institute say they have uncovered what they are calling a ‘rare gem’ as far as computer security investigations go that actually sheds a little light on how up to 20,000 web sites have been hacked since the beginning of the year.

They found a sneaky software tool that uses Google’s search engine to hunt for Web sites running certain kinds of vulnerable applications, wrote Bojan Zdrnja on the institute’s blog. ‘While we had a general idea about what they do during these attacks, and we knew that they were automated, we did not know exactly how the attacks worked, or what tools the attackers used,’ Zdrnja wrote.”

